Kinda like the bearer-token here, this is instead session-based. Whenever you log in a row is created in a database table and the GUID for the unique key is given to you. You use it for all API calls downstream. The row at the database is destroyed by an automated process after fifteen minutes. You will want to double authenticate with another piece of data, probably a bearer-token which will be kept at the database row.
No comments:
Post a Comment